Re: [Jwt-reg-review] [Ace] Requested review for IANA registration in draft-ietf-ace-oauth-params
Brian Campbell <bcampbell@pingidentity.com> Fri, 10 January 2020 21:12 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D832312008C for <jwt-reg-review@ietfa.amsl.com>; Fri, 10 Jan 2020 13:12:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WPTKNfye7kc2 for <jwt-reg-review@ietfa.amsl.com>; Fri, 10 Jan 2020 13:12:30 -0800 (PST)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1B781200CC for <jwt-reg-review@ietf.org>; Fri, 10 Jan 2020 13:12:29 -0800 (PST)
Received: by mail-lf1-x12a.google.com with SMTP id b15so2528442lfc.4 for <jwt-reg-review@ietf.org>; Fri, 10 Jan 2020 13:12:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZrlstIV2pgTIe8IoGLocyuO7JgJ3lLB7wDZhmRUVQfY=; b=NPy8yT0Y67phqIDxjOnqZtfTHmzmbMnKz6178LWhNPo0RmiaqhZkHi6Sb+Z6mIb6eD Zk+gbu43E0yjnvPW72aHnwX2RZDONz6psJHP+Eb161Cv1xs1/kubCFP761arubFKyVeL TB1A2bN7DJse9nOd83SNUrKbi+r3RisKi7tk99CduOIidVk8/7cwQSfbF0enDmORrhnV vg4xifOjfrLonzCrNb3kRq0fmOJxwGUlplF9buVLhyigrdBDaD3VdL98trne361qkHiw 0IYE3UG/6eTha74umYEgqdmxcaRY+NAb3bG9UF24KRJEE2r3T9pBTNI5MlaX+1IKJYoZ EeVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZrlstIV2pgTIe8IoGLocyuO7JgJ3lLB7wDZhmRUVQfY=; b=a/7rDYMWtJj6RMZLdSQHPHPI95Rslk0nCk8RspxO/hlmiKoiT3wEGTo+dv8LFTb9u2 hizm4buK4tKVsXtwvF3D/mD/IFG0k2kdK0ocVq9HFa0erLEpCul7qXt/Zq2CfDsrUM2e IPqAT+lT8zpA2luOqXNn5/7KQzVQ2CTdF38ITltWsbE+Y4Elx599hlb8MXlCxd1buXNI Q8bh9RM+z1r6yxm9sybwEiOGEK6uhFzFFSfvKrpzYkyLx1gCreAlGCerpPpB68RXG23l DasdgW3MWdMmJlMLQbCx5yHb8AQu8oIhU/v7tF/lMo7uGCHjalvUzvkqou+SefSWAucx LFqg==
X-Gm-Message-State: APjAAAWooGF8c7mqc8VupgIlnhpfZ1XqnFHERDWbqCUgoHt0d6ra5ne1 Wpcd7IIE7ZYccaDtl1Td0bkNhXAMjSNHnZG4txCaOI4S80/Rt2uwOgMhIUlYxrSdr9tEMm9f+D3 qk8VeQSdnLVdmsa9TTo76i8poZw==
X-Google-Smtp-Source: APXvYqyQ+nhSPqMQ/N2sPfuKtb5EujijCYX5qpfRAafeBm9RNcwxXWLD7PSU6TtNGIA0m2qsOpojqArHVN4dwCLHKd8=
X-Received: by 2002:ac2:44d9:: with SMTP id d25mr3604646lfm.15.1578690747987; Fri, 10 Jan 2020 13:12:27 -0800 (PST)
MIME-Version: 1.0
References: <9c32d171-9a4a-ba71-c989-92a177d9e989@gmx.de>
In-Reply-To: <9c32d171-9a4a-ba71-c989-92a177d9e989@gmx.de>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 10 Jan 2020 14:12:01 -0700
Message-ID: <CA+k3eCSocYYpHQtWAfs=EnOTcOFbRSFH52FK=Ak5RiTZs4nOYA@mail.gmail.com>
To: Ludwig Seitz <ludwig_seitz@gmx.de>
Cc: jwt-reg-review@ietf.org, Roman Danyliw <rdd@cert.org>, Jim Schaad <ietf@augustcellars.com>, The IESG <iesg@ietf.org>, "ace@ietf.org" <ace@ietf.org>, drafts-lastcall@iana.org, Benjamin Kaduk <kaduk@mit.edu>
Content-Type: multipart/alternative; boundary="0000000000003ea6f9059bcf955c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/Cx2BqRjyAjmI2XbqOxjxfM0gisg>
Subject: Re: [Jwt-reg-review] [Ace] Requested review for IANA registration in draft-ietf-ace-oauth-params
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jan 2020 21:12:33 -0000
That "rs_cnf" claim registration request in 9.1 points to 3.3 which says it has 'the same syntax and semantics as defined in for the "rs_cnf" parameter', which I think is in 4.1. And 4.1 says that the "rs_cnf" values 'follow the syntax of the "cnf" claim from section 3.1 of [I-D.ietf-ace-cwt-proof-of-possession].' Similar to other comments I've made today, I don't follow what that would mean for the value of the claim when it's a JWT. And that seems like something that's important to understand for the purpose of a JWT claims registry request. On Sat, Dec 21, 2019 at 4:11 AM Ludwig Seitz <ludwig_seitz@gmx.de> wrote: > Hello JWT registry reviewers, > > the IESG-designated experts for the JWT claims registry have asked me to > send a review request to you about the "rs_cnf" claim registered here: > > https://tools.ietf.org/html/draft-ietf-ace-oauth-params-07#section-9.1 > > Thank you in advance for you review comments. > > Regards, > > Ludwig > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
- [Jwt-reg-review] Requested review for IANA regist… Ludwig Seitz
- Re: [Jwt-reg-review] Requested review for IANA re… Ludwig Seitz
- Re: [Jwt-reg-review] Requested review for IANA re… Brian Campbell
- Re: [Jwt-reg-review] [Ace] Requested review for I… Brian Campbell
- Re: [Jwt-reg-review] [Ace] Requested review for I… Brian Campbell
- Re: [Jwt-reg-review] [Ace] Requested review for I… Ludwig Seitz
- Re: [Jwt-reg-review] [Ace] Requested review for I… Brian Campbell
- [Jwt-reg-review] [IANA #1160802] Re: [Ace] Reques… Sabrina Tanamal via RT
- [Jwt-reg-review] [IANA #1160802] Re: [Ace] Reques… Sabrina Tanamal via RT
- [Jwt-reg-review] [IANA #1158948] Requested review… Sabrina Tanamal via RT
- Re: [Jwt-reg-review] [EXTERNAL] [IANA #1158948] R… Mike Jones
- Re: [Jwt-reg-review] [EXTERNAL] [IANA #1160802] R… Mike Jones
- [Jwt-reg-review] [IANA #1158948] Requested review… Sabrina Tanamal via RT